This invention relates to network security devices, and more particularly to displaying network security information.
Computer networks are often vulnerable to attack. As long as companies use a public computer network, such as the Internet, for transferring files, sending e-mail, downloading programs, etc., there is always a chance that some malicious outsider (sometimes referred to as a "hacker") will find a way to obtain unauthorized access to a company's internal computer network (e.g., an "Intranet") used by the company's employees.
There are ways to make a network more resistant to an attack by hackers. For instance, a "firewall" software program acts as a gatekeeper between the Internet and a company's computer network. One type of firewall is known as a "packet filter." A traditional packet filter, which runs on a machine called a router, uses a rigid set of rules to allow or deny packets by examining a source address and a destination address of every packet of data going in or out of the company's network. This is somewhat analogous to a company's mailroom sorter who examines envelopes to make sure that they are both coming from a legitimate source address and/or bound for a legitimate destination address.
Another type of firewall is an application-level firewall (sometimes referred to as a "proxy"). In contrast to packet filters, traditional proxies work at the application level. This application-level firewall examines the contents of packets as well as their addresses, and therefore allows the company to implement a more detailed security screen for incoming and outgoing network traffic. A traditional proxy can be analogous to mailroom employees who x-ray bulky packages: the proxy scans packets for computer viruses or potentially dangerous Internet programs. However, in order to be installed and to operate, traditional proxies often require special modification or configuration to a company's existing network software.
Firewall programs sometimes include a software program that logs and records information associated with packets transmitted to and from the company's computer network. For instance, logging programs can record the dates, times, and number of attempts an outsider makes to repeatedly access the company's computer network.
However, such information is often recorded in large log files that require manual or automated data processing methods to later obtain selected records of packets that have interfaced with the firewall. It is desirable to be able to provide a firewall device that can easily interface with existing hardware and software and that provides some convenient indication of a real-time representation of network traffic at the firewall.
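The following sketch is an added illustration, not part of the original text or the invention it describes. It shows the traditional arrangement discussed above: a first-match packet filter that decides on source and destination address alone, plus the after-the-fact log processing needed to pick out sources with repeated denied attempts. The rule set, addresses, timestamps and function names are all constructed assumptions.

```python
import ipaddress
from collections import Counter
from datetime import datetime

# Constructed rule set (addresses from documentation ranges, not real hosts).
# Each rule: (action, source network, destination network); first match wins.
RULES = [
    ("deny",  "203.0.113.0/24", "0.0.0.0/0"),      # blocked outside range
    ("allow", "0.0.0.0/0",      "192.0.2.10/32"),  # public web server
    ("allow", "192.0.2.0/24",   "0.0.0.0/0"),      # outbound from internal hosts
]
DEFAULT_ACTION = "deny"  # anything not explicitly allowed is dropped

def decide(src, dst, rules=RULES):
    """Return 'allow' or 'deny' using only the packet's two addresses."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action
    return DEFAULT_ACTION

def filter_and_log(packets):
    """Apply the filter to (timestamp, src, dst) tuples; return log records."""
    return [{"time": datetime.fromisoformat(ts), "src": src, "dst": dst,
             "action": decide(src, dst)} for ts, src, dst in packets]

def repeated_denials(log, threshold=3):
    """Select sources denied at least `threshold` times, with first/last seen."""
    denied = [r for r in log if r["action"] == "deny"]
    counts = Counter(r["src"] for r in denied)
    report = {}
    for src, n in counts.items():
        if n >= threshold:
            times = [r["time"] for r in denied if r["src"] == src]
            report[src] = {"attempts": n, "first": min(times), "last": max(times)}
    return report

# Constructed sample traffic.
PACKETS = [
    ("2024-01-05T10:00:01", "203.0.113.7", "192.0.2.10"),
    ("2024-01-05T10:00:02", "198.51.100.4", "192.0.2.10"),
    ("2024-01-05T10:00:03", "203.0.113.7", "192.0.2.20"),
    ("2024-01-05T10:00:09", "203.0.113.7", "192.0.2.10"),
    ("2024-01-05T10:00:11", "198.51.100.4", "192.0.2.20"),
    ("2024-01-05T10:00:12", "192.0.2.20", "198.51.100.4"),
]

if __name__ == "__main__":
    print(repeated_denials(filter_and_log(PACKETS)))
```

The filter never inspects packet contents, and the repeated-attempt picture only emerges once the whole log has been post-processed, which is the gap the last paragraph above points to.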